Next | Query returned 1 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2010-06-03 10:33:32 by S.P.Zeidler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket 3135 - requested by taca
security update

Revisions pulled up:
- pkgsrc/security/openssl/Makefile	1.149
- pkgsrc/security/openssl/distinfo	1.75

Files removed:
pkgsrc/security/openssl/patches/patch-bc

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Mon Apr 12 14:19:17 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo
   Removed Files:
           pkgsrc/security/openssl/patches: patch-bc

   Log message:
   Update openssl package from 0.9.8m to 0.9.8n.

    Changes between 0.9.8m and 0.9.8n [24 Mar 2010]

     *) When rejecting SSL/TLS records due to an incorrect version number, never
        update s->server with a new major version number.  As of
        - OpenSSL 0.9.8m if 'short' is a 16-bit type,
        - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
        the previous behavior could result in a read attempt at NULL when
        receiving specific incorrect SSL/TLS records once record payload
        protection is active.  (CVE-2010-0740)
        [Bodo Moeller, Adam Langley <agl@chromium.org>]

     *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
        could be crashed if the relevant tables were not present (e.g. chrooted).
        [Tomas Hoger <thoger@redhat.com>]

   To generate a diff of this commit:
   cvs rdiff -u -r1.146 -r1.147 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.73 -r1.74 pkgsrc/security/openssl/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/security/openssl/patches/patch-bc

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Sat May  8 06:33:41 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile

   Log message:
   Set correct architecture on Darwin

   To generate a diff of this commit:
   cvs rdiff -u -r1.147 -r1.148 pkgsrc/security/openssl/Makefile

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Wed Jun  2 13:30:11 UTC 2010

   Modified Files:
           pkgsrc/security/openssl: Makefile distinfo

   Log message:
   Update security/openssl package to 0.9.8o.

    OpenSSL CHANGES
    _______________

    Changes between 0.9.8n and 0.9.8o [01 Jun 2010]

     *) Correct a typo in the CMS ASN1 module which can result in invalid memory
        access or freeing data twice (CVE-2010-0742)
        [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]

     *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
        common in certificates and some applications which only call
        SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
        [Steve Henson]

     *) VMS fixes:
        Reduce copying into .apps and .test in makevms.com
        Don't try to use blank CA certificate in CA.com
        Allow use of C files from original directories in maketests.com
        [Steven M. Schweda" <sms@antinode.info>]

   To generate a diff of this commit:
   cvs rdiff -u -r1.148 -r1.149 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.74 -r1.75 pkgsrc/security/openssl/distinfo

Next | Query returned 1 messages, browsing 1 to 10 | previous